<?php

	/*
	* file: download.php
	*
	* contents:	classic download page.
	*
	* author: Zanco Federico
	*/


	//main

	include("init.php");
	
	//check if an entry key was posted
	if ( isset($_GET['doc_num']) && isset($_GET['from']) && isset($_GET['to']) ) {

		//get document file and attributes
		$query = "SELECT `filename`,`MIME`,`filesize`,`binary` FROM documents as d WHERE ";
		$query = $query . "d.doc_num='" . $_GET['doc_num'] . "' AND d.to='" . $_GET['to'] . "' AND d.from='" . $_GET['from'] . "'";
		
		$res = query($query, $con);
		
		//if the document was found send it to client
		if (mysql_affected_rows($con) == 1) {
			$row = mysql_fetch_assoc($res);
			//print_r($row);
			header("Content-length: \"" . $row['filesize'] . "\"");
			header("Content-type: \"" . $row['MIME'] . "\"");
			header("Content-Disposition: attachment; filename=\"" . $row['filename'] . "\"");
			echo $row['binary'];
			disconnect($con);
			exit;
		} else
			//else notify that document doesn't exist	
			showErrorPage('Il documento richiesto non esiste!');
	}

	disconnect($con);
	
?>
